Cardano’s Charles Hoskinson says Bitcoin’s quantum fix is a hard fork that can’t save Satoshi’s coins
The Cardano founder argues BIP-361 is mislabeled as a soft fork and that its zero-knowledge recovery plan cannot rescue roughly 1.7 million pre-2013 bitcoin, including Satoshi’s holdings.
What to know:
- Cardano founder Charles Hoskinson says Bitcoin’s proposed quantum defense, BIP-361, is mischaracterized as a soft fork and would in practice require a hard fork that conflicts with Bitcoin’s anti–hard fork culture.
- He argues the plan’s zero-knowledge recovery mechanism cannot protect about 1.7 million older bitcoins, including roughly 1 million attributed to Satoshi Nakamoto, because those coins were created before BIP-39 seed phrases existed.
- Hoskinson contends that if adopted as written, BIP-361 would permanently freeze those early coins and highlights this as evidence that Bitcoin’s lack of formal on-chain governance leaves it ill-equipped to handle such contentious upgrades.
- Cardano founder Charles Hoskinson argues that Bitcoin’s proposed quantum defense, BIP-361, is wrongly labeled a soft fork and would effectively require a hard fork that clashes with Bitcoin’s longstanding resistance to such changes.
- He says the plan’s zero-knowledge recovery scheme cannot protect about 1.7 million older bitcoins, including roughly 1 million attributed to Satoshi Nakamoto, because those coins predate BIP-39 seed phrases and lack the necessary cryptographic proofs.
- Hoskinson contends that, if adopted as written, BIP-361 would permanently freeze those early coins and sees the controversy as evidence that Bitcoin’s absence of formal on-chain governance leaves it poorly equipped to manage high-stakes protocol upgrades.
Hoskinson said Bitcoin’s proposed defense against quantum computers is both technically mislabeled and structurally incapable of protecting the network’s oldest coins, including the roughly 1 million bitcoin attributed to Satoshi Nakamoto.
He argued that BIP-361, the proposal from developer Jameson Lopp and others to phase out quantum-vulnerable bitcoin addresses, is being presented as a soft fork but would functionally require a hard fork because it invalidates existing signature schemes that users are actively relying on.
“To actually do this, you need a hard fork,” Hoskinson said. The distinction matters because Bitcoin’s development culture has historically opposed hard forks, viewing them as violations of the network’s immutability. BIP-361 authors have described the proposal as a soft fork, a characterization Hoskinson called a lie.
